CDQR Parsing when Timesketch Elastic Search Not running #21
Assignees
Comments
|
That is interesting. Are you sure it's not due to elasticsearch not
running?
…On Fri, Apr 13, 2018, 8:13 AM Daniel Chun ***@***.***> wrote:
I've been running into problems where CDQR.py is throwing errors when
timesketch is not running.
@chunderstruck <https://github.com/chunderstruck> will look into this
issue and submit a pull request.
Removing uncompressed files in directory: Results/artifacts/
Process to export to ElasticSearch started
Exporting results in TimeSketch format to the ElasticSearch server
"psort.py" "-o" "timesketch" "--status_view" "linear" "--name" "bumblebee" "--index" "bumblebee" "Results/BUMBLEBEE.plaso"
ERROR: There was a problem. See details in log.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#21>, or mute the thread
<https://github.com/notifications/unsubscribe-auth/AI9CHEJ6aLov-q2g-6AQ8XJDJ9vNcybaks5toKR1gaJpZM4TTbXE>
.
|
|
Either Elastic or Timesketch wasn't working, it was resolved when I restarted timesketch. I've run into this issue a couple times when testing new builds... |
|
I wonder what is causing ElasticSearch to not start up intermittently. If the RAM in Skadi is too low (less than 8GB) I know there is a chance for that to happen. It's easy to tell if that's the issue. |
|
This doesn't appear to be an issue with the latest version. Closing |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I've been running into problems where CDQR.py is throwing errors when timesketch is not running.
@chunderstruck will look into this issue and submit a pull request.
The text was updated successfully, but these errors were encountered: